General

Malware Config

Signatures

Files

• acf14395284eec73fb37ede06b640b2e464c14e99992fcceb726778ddfc38a72

  .exe windows x86

  e132164f0eae199b1c4bf9b5ab5e0acb

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  __vbaFreeVarList

  kernel32

  GetModuleFileNameW

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  MessageBoxW

  Exports

  Exports

  �,~z�D� @���ږ�6;�[�j0��j �8���Mq��2^jI�;�M��{!��{+�D�yR��Ik+~�ҙ|���S�J�����Mƒ���.�}|$��^�^ ��'�[��4����-�&\i������#\=˧H��<���ub"�C�]��
  ��}�6��|��xfX��z�5���gT��pH�ɸ�s��5P8-tώ͛m����x�{���km������sx�D{ɗe�8�W~��9?�M��yz=w�͛��i��f�PPu���̈zf��O���W�q%D���\�N�؍v����c�}�o>�>�+<�3�m���9>�H�h�}��`�2j9���Z�����?D A�=��Rڸ}��1�.�����5�y�U* ������a��7Y ��(��PY�Xق
  ��y�t�Y��nӂ+� s �����d>�>G�u$�.��ԛҁ��0Ɗ�󆾏8s�uW�����,��w���'%4F���0Z�V�io���N�.��dSDogr���r�4�e��~�?�����O��PbU
  �Jی1���8�
  1�?&Сk�vv����c� �6�@�r-�,���(O�mi���e����W��R6���1�4�n�9��{�_,�ݬy��o�&��۠��J&��?F�$��>�m�՜�����4���������e�勇��,�F�*б�/�9�3[u�lQr����ˏ��_�%��bۀ��� ��١,���������1x��v���p��P_�&,ًm��ی���r~�@fM �uDi��]Q�"ɲ����%���5�hx#���0�3�c�چ�cQ�'�ش���;� cp?��M�iq9�����s󾚴 ��ki��h��� (g2�ct)�d3��3���'5,c�o՜_�e��Y�߽;HCs}xP���@>&
  +���M�t�w�+�m���v��@��ݡ��/�F��i�J��I�a�ቊ���Z��d?��|��K��B���3�?�$�v^݀*��m�`�E$i�3,�묙���-���
  ����|LI�"i���׺k'�JP'Z�&`1�[�1E�:�w)�Y͎�b�� ,vR�D]�E,4��*�����3F�%xb��皰�u!��RJ���6ޮn�����T-���T/�SvM���C��r��u��%4ɝ�:�y5J���3T�(��!_v�Q�Dr ����ZLq7TLIAi/"R�����&F?��,�~a^��ڄ��{��0�z�3┵_���=%9�;;p܈u��Xp��B䋽�Q�_~B��U|�ؾ����X�������/p�S���O��?���h�J�+�0�]q��w���bo$#��\���+�n��X4�+t�,��\i{*�d�l�-F��w �����E\<?fN��n G�:�y/���I�Π2�=o��%��NWNR��G�+��(��۠�;�� b����*}�\K;焥�g52;��f4�0
  ��sc��*t��u�jƄV`[c��7m�a����n�==���f�}�d����f�W�t侞T
  ����zI&'�v$��̀�A��~�ԋU �������X��7&���[i2_���lz��N�쉞%w$8LG"r�3�;�4�{�"Z��E{4��zJ:&N�}"�Q�����0��|��<�XK�݊4h[��*,�<�_�;�gFA@�G$��+��,7�-�a�$�iʃ�1L��wC��2 3:�#�Z�b���(��>�*�d�3�m _�ı�6�:�ʶOܨ�G5 Ũ()--'P7 L�L������ ���<�ඉ��P�j���!�����+>�z4� sc S�߭My��9)�H�Ng��o)���V�a�ы��FK��]�W3qL8#j_�z�Rk P���]G�O^Lg>�@Xʸ989(��
  X&�ת�O�V�̍N��%�d�nk�,�V Kj��F�뙅f�������N�i�A^�!���TJx��{��&5�V^4�NC�[S��BE}���|y�k�bj��s��*�A�}Ac�<w�
  qz�q'`P=�ٸ}Pk(���Y��H2�(z�o�p�Ӧw��A��h�����5��^�%��.�%9u@���t��:H��5|�%���Mlx�6}VALZ��O�rm��N�)��Z|��˙ꏦ�ԏR�r��1~F��PB����'�?O$��\�6m�ە���E�s
  bx}�_��e�\�qP�{o�����{��K{+��c��O�H�5tb��:��3�����+�\�Y�N9�߀Ȃ��^�_��>�,�s�o�@2)�7z^�`��GZ�x�0ҎE>=�\r9�D�Β2���X湇uw������z�`��mq��sQ:�D����$D�E?R̡��z6�Ҁ�ܹ�3"��m��g�$E�����LfTt?��Xy�����=W�m<�X�j��s6c������i���n�A��b}V߉^e�� ��~�
  ����W�b�����dv}֊���ޙ�C���)�B�S�ڂ3m<��7���vɢ*[=�^ ̫� ���E[�<h~ll��U�#��r�:�2*���I�.�B6Y����N>C 6�٦7j]Q�q��)FjV��G�8�F1��!/�:����L$�Y5=D $N�t��PH���u���[������!�刓 Z]�/�i��Lf�:w�}eH�aЊ=�ϋ�dQQ�8v�jW�Z��z��/رO_5�q�~���8BDŽ�;��z�E��
  4�z���c�<�O�6>�C;�?m[��U�� L���0A��[�=����DD�O徭�ఀ�;�Dˆ��ΡE]�;?M�� ��H{%44�|[2sŷX��͌�1�{�����Ȣ�7N��r��t��1Q�K���s��~wW��i���[�`���� ���3 �&��|�Cuu�>���IF�����x��Ŷ+C��0���~/=*�g���s�&a�UXa��#X�A�i^!�|KԆ��n��v��¾�g<JN%��_C���A��Nd��e$�K����ڄ4�e[Hq�ȕe7���]R�s;�Ҝ����*�Ҕ��y����҃�8�*&�c қ�/6NG`J��8x���OB2W]�����

  Sections

  .text

  Size: - Virtual size: 309KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 937KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 4KB - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 956KB - Virtual size: 954KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 24KB - Virtual size: 23KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ